The California Office of the Attorney General disclosed a data breach at ITOCHU International Inc. in February 2021, stemming from unauthorized access to an employee’s email account between September 8–9, 2020. The incident exposed sensitive personal information, including individuals' names, Social Security numbers, driver’s license numbers, and financial account details. While the exact number of affected individuals remains undisclosed, the breach poses significant risks of identity theft, financial fraud, and reputational harm. The compromised data particularly financial and government-issued identifiers heightens the potential for long-term exploitation by malicious actors. The breach underscores vulnerabilities in email security protocols, raising concerns about internal safeguards against phishing or credential-theft attacks. Given the nature of the exposed data, affected individuals may face prolonged monitoring for fraudulent activity, while the company confronts regulatory scrutiny and potential legal liabilities under data protection laws.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-538167
TPRM report: https://www.rankiteo.com/company/itochu-international-inc-
"id": "ito717082025",
"linkid": "itochu-international-inc-",
"type": "Breach",
"date": "9/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'location': 'California, USA (reported by CA Attorney '
'General)',
'name': 'ITOCHU International Inc.',
'type': 'Corporation'}],
'attack_vector': 'Unauthorized Access (Email Account Compromise)',
'data_breach': {'data_exfiltration': 'Likely (unauthorized access to email)',
'number_of_records_exposed': 'Unknown',
'personally_identifiable_information': ['Names',
'Social Security '
'Numbers',
'Driver’s License '
'Numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Financial Data']},
'date_publicly_disclosed': '2021-02-22',
'description': 'The California Office of the Attorney General reported a data '
'breach involving ITOCHU International Inc. due to '
"unauthorized access to an employee's email account between "
'September 8, 2020, and September 9, 2020. The breach '
"potentially exposed individuals' names, Social Security "
'numbers, driver’s license numbers, and financial account '
'numbers. The total number of individuals affected is '
'currently unknown.',
'impact': {'data_compromised': ['Names',
'Social Security Numbers',
'Driver’s License Numbers',
'Financial Account Numbers'],
'identity_theft_risk': 'High (PII and financial data exposed)',
'payment_information_risk': 'High (Financial account numbers '
'exposed)',
'systems_affected': ['Employee Email Account']},
'initial_access_broker': {'entry_point': 'Employee Email Account'},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'title': 'ITOCHU International Inc. Data Breach (2020)',
'type': 'Data Breach'}